Privacy Policy

This is Sijoitusasuntovahti Oy's privacy policy and data protection statement in accordance with the EU's General Data Protection Regulation (GDPR).

Updated on January 27, 2025

1. Data controller

Sijoitusasuntovahti Oy

Business ID 3354444-2
Sorronkuja 3, 04410 Järvenpää

2. Contact details for the register

info@horisonttigroup.com

3. Name of the register

Sijoitusasuntovahti Oy customer register

4. Legal basis and purpose of processing personal data

The purpose of the customer register is the controller's contractual or customer relationship with the client (e.g., seller, buyer, or landlord); the relationship with the client's counterparty (e.g., buyer, seller, or tenant) related to the performance of the assignment; the contractual relationship with the user of the assessment assignment or other expert service; the relationship based on the marketing consent given by the customer, the purpose of which is, among other things, multi-channel marketing communication to the customer, e.g., by email, online, telemarketing, or post.

The controller may also collect data, for example, from persons present at apartment viewings in order to prevent crimes or misconduct, monitoring, and investigating crimes or misconduct, or by other means to determine the interests of potential customers or to establish a subsequent customer relationship/provide services and for marketing purposes.

The information in the customer register may be used for the following main purposes:

• customer relationship management and development
• providing, offering, developing, improving, and protecting services
• billing, collection, and verification of customer transactions
• advertising targeting (Google Ads, Facebook, and LinkedIn)
• analysis and statistics concerning services (Google Analytics)
• customer communications, marketing, and advertising
• Targeting marketing and advertising content (including email) based on customer information and behavior
• protecting and securing the rights and/or property of the controller and other persons and entities involved in the services
• fulfilling the controller's legal obligations, as well as other similar purposes.

5. Data content of the register

The information stored in the register includes:

• person's name, position, company/organization
• contact details (phone number, email address, address)
• www website addresses
• IP address of the network connection (in certain cases)
• accounts/profiles on social media services
• information about ordered services and changes to them
• billing information
• other information related to customer relationships and ordered services
• notes from customer meetings and other documents related to customer relationships

We strive to keep the personal data we hold accurate and up to date by deleting unnecessary information and updating outdated information. However, we encourage you to check the accuracy of your information from time to time.

The IP addresses of website visitors and cookies necessary for the functioning of the service are processed on the basis of legitimate interest, e.g. for security purposes and for collecting statistical data on website visitors in cases where such data can be considered personal data. Consent for third-party cookies is requested separately, if necessary.

Cookies

Cookies are short text files that are stored on the user's computer when visiting different websites. When the user visits the website again, they can be offered personalized content, for example, or avoid annoying the visitor with another cookie notification. Cookies therefore help the website to remember you.

We use the following cookies on our website:

• Google Analytics: We use Google Analytics cookies on our website. These cookies help us collect info on how people use our website (like the number of visits and browser tech details). The cookies do not collect any personal identification information that could be used to identify the user. For more information about Google Analytics' privacy policy, please visit: https://policies.google.com/privacy
• We also use cookies to target and track advertising on Facebook and LinkedIn advertising platforms.

6. Regular sources of information

The information stored in the register is obtained from the customer, for example, from messages sent via web forms, by email, by telephone, through social media services, from agreements, customer meetings, and other situations in which the customer provides their information.

Information about contact persons at companies and other organizations may also be collected from public sources such as websites, directory services, and other companies.

7. Regular disclosure of data and transfer of data outside the EU or EEA

Information is not routinely disclosed to other parties. The data may be published to the extent agreed with the customer. We disclose your data within the limits permitted by law within Sijoitusasuntovahti Oy and to companies or entities belonging to the same economic group for the purposes of customer service, customer relationship management, and marketing.

Sijoitusasuntovahti Oy uses subcontractors in the provision of services and discloses personal data to authorities, for example, in order to fulfill its legal obligations and to provide services to these subcontractors.

As a rule, we process data within the EU and EEA. If we transfer data outside the EU or EEA, we ensure an adequate level of protection for personal data as required by law, for example by using model contract clauses approved by the European Commission. A separate section of the privacy policy describes in more detail the data protection measures taken in relation to data transfers outside the EU or EEA.

8. Principles of register protection

The register is handled with care and the data processed using information systems is protected appropriately. When register data is stored on Internet servers, the physical and digital security of the equipment is ensured in an appropriate manner. The controller shall ensure that stored data, server access rights, and other information critical to the security of personal data are treated confidentially and only by employees whose job description includes such tasks.

9. Right of inspection and right to request correction of information

Every person listed in the register has the right to check their information stored in the register and request that any incorrect information be corrected or incomplete information be supplemented. If a person wishes to check the information stored about them or request a correction, the request must be sent in writing to the controller. If necessary, the controller may ask the person making the request to prove their identity. The controller will respond to the customer within the time limit specified in the EU Data Protection Regulation (usually within one month).

10. Other rights related to the processing of personal data

A person included in the register has the right to request that their personal data be removed from the register ("right to be forgotten"). Similarly, data subjects have other rights under the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. Requests must be sent in writing to the controller. If necessary, the controller may ask the person making the request to prove their identity. The controller will respond to the customer within the time limit specified in the EU General Data Protection Regulation (usually within one month).

The data subject also has the right to:

• Prohibits direct marketing
• Object to the processing of their personal data in certain situations
• Lodge a complaint with the data protection authority

Updated on January 27, 2025.